on 01-11-2011 9:19 PM
Hi Everyone,
Is there anyway to use the HTTPS just for ESS -Mss application in SAP Portal EP7 EHP1 or to use the secure connection we should switch Portal to https?
We implement our internal portal (HTTP) , with ESS-MSS connected to SAP ECC, As we are adding more functionality to ESS-MSS looking for more security.
Any Idea?
Thanks,
By default it's all or nothing.
You may install the ESS/MSS BP on another server that is accessed by HTTPS and integrate this server into your portal by the mean of an iFrame or by an external link.
As a workaround you can put a Javascript in the WSS/MSS roles / worksets that checks if the connection is HTTP and switches the protocol to HTTPS (may include a (partial) page refresh). When the user navigates away from the ESS/MSS pages another Javascript switches the protocol back to HTTP.
br,
Tobias
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Olivier,
these WebDynpros run on the AS Java server, so the secure configuration is done at JCo level. For JCo connections issued by the portal the portal application has to open a JCA connection. I believe, there the secure connection is indeed configured in the portal's system landscape.
br,
Tobias
Hi Guys,
Is there any documentation, I can follow to create JCA connections between POrtal and SAP? have you ever heard anybody used JCA connection for ESS-MSS?
Do we need to do programming for JCA connection or is there a way to create a JCA connection instead of JCO connection?
THanks a lot
Edited by: Mar V on Jan 18, 2011 10:58 PM
JCA will use JCO, but as JCO is a SAP technology to connect to ABAP systems, JCA is the Java standard for connectors. For ESS/MSS you use WebDynpro Java, that will use JCo. You'll have to configure a secure JCo connection between the AS Java and the ABAP system (with SNC). I think you'll have to do this either in the Visual Administrator or in the Web Dynpro Console.
br,
Tobias
Hi,
Secure JCo (SNC)
http://help.sap.com/saphelp_nw70/helpdata/en/c3/d2281db19ec347a2365fba6ab3b22b/frameset.htm
Blog about security (about Duet, but the basics are the same), also handles HTTPS: http://weblogs.sdn.sap.com/cs/blank/view/wlg/11224
br,
Tobias
Mar,
I dont think securing PORTAL to ECC communication will solve your security issue.
If I am not wrong, your security team should be more concerned with HTTP access to portal exposed to internet.
This must be made HTTPS. Else data sent from user's browser will be plain text and any interceptor can see the entire conversation and it doesnt take much time to compromise your portal.
For such scenarios, SAP strongly recommends using reverse proxy like webdispatcher.
You can do this:
For internet users : Browser(HTTPS) > Webdispatcher(HTTPS) > Portal(HTTP)
Give webdispatcher(https) url to internet users. Webdispatcher takes care of SSL and only webdispatcher will do http access to portal - You are safe from internet.
For intranet users: Browser(HTTP) > Portal(HTTP)
GIve portal(http) url to internal users.
Block this http access from internet.
Thanks,
Nag
Hi Mar,
You should switch your portal to https.
Cheers!!!
Biroj
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Hi,
AFAIK, you need to activate HTTPS for the entire system. Activating https for specific applications is not possible.
Rgds,
Soujanya
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
User | Count |
---|---|
83 | |
23 | |
11 | |
9 | |
8 | |
5 | |
5 | |
5 | |
5 | |
4 |
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.